Financial Markets Anti-Money Laundering Act (FM-GwG – Finanzmarkt-Geldwäschege setz) PDF Free Download

1 / 54
2 views54 pages

Financial Markets Anti-Money Laundering Act (FM-GwG – Finanzmarkt-Geldwäschege setz) PDF Free Download

Financial Markets Anti-Money Laundering Act (FM-GwG – Finanzmarkt-Geldwäschege setz) PDF free Download. Think more deeply and widely.

All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Financial Markets Anti-Money Laundering Act
(FM-GwG Finanzmarkt-Geldwäschegesetz)
Full Title: Federal Act on the Prevention of Money Laundering and Terrorist Financing in
Financial Markets (FM-GwG Finanzmarkt-Geldwäschegesetz)
Original Version: Federal Law Gazette I no. 118/2016
Table of contents
Section 1
Scope and Definition of Terms
Article 1.
Scope
Article 2.
Definition of Terms
Section 2
Risk assessment
Article 3.
National risk assessment
Article 4.
Risk assessment at company level
Section 3
Customer due diligence
Article 5.
Application of due diligence obligations
Article 6.
Scope of due diligence obligations
Article 7.
Point of time of application of due diligence obligations
Article 8.
Simplified due diligence
Article 9.
Enhanced due diligence
Article 10.
Correspondent relationships
Article 11.
Transactions and business relationships with politically exposed
persons (PEPs)
Article 12.
Inadmissible business relationships and measures for non-cooperative
countries and territories
Section 4
Performance by third parties
Article 13.
Admissibility of performance by third parties
Article 14.
Performance by third parties in the case of groups
Article 15.
Outsourcing and agency relationships
Section 5
Reporting obligations
Article 16.
Reports to the Financial Intelligence Unit (Geldwäschemeldestelle)
Article 17.
Non-execution of transactions
Article 18.
Notifications from the competent authorities to the Financial Intelligence
Unit (Geldwäschemeldestelle)
Article 19.
Exclusion from claims for damages and protection against threats
Article 20.
Prohibition of disclosure
Section 6
Retention of records, data protection, statistical information and requirements for
their internal organisation
Article 21.
Requirements for retention of records and data protection
Article 22.
Information exchange with the Financial Intelligence Unit
(Geldwäschemeldestelle) and the FMA
Article 23.
Requirements for internal organisation and trainings
Article 24.
Strategies and procedures for groups
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Section 7
Supervision
Article 25.
Aims and principles of supervision
Article 26.
Authorisation to process data
Article 27.
Cooperation of Bundesrechnungszentrum GmbH
Article 28.
Supervision costs
Article 29.
Information and disclosure obligations
Article 30.
On-site inspections
Article 31.
Supervisory measures of the FMA
Article 32.
Supervision in the Context of the Freedom of Establishment and the
Freedom to Provide Services
Article 33.
Coercive penalties
Section 8
Penal provisions and disclosures
Article 34.
Breaches of obligations
Article 35.
Penal liability of legal persons
Article 36.
Extension of the limitation period
Article 37.
Disclosure
Article 38.
Effective punishment of breaches of obligations
Article 39.
Usage of received fines
Article 40.
Protection of whistleblowers
Article 41.
Notifications to the European Supervisory Authorities
Section 9
Transitional and final provisions
Article 42.
Entry into force
Article 43.
Entry into force of amendments
Article 44.
References
Article 45.
Gender-neutral use of language
Article 46.
Transitional provisions
Article 47.
Enforcement Clause
Annexes
Annex I
Annex II
Annex III
Section 1
Scope and Definition of Terms
Scope
Article 1. This federal act shall be applied to credit institutions and financial institutions
(obliged entities). Excluded from this group are branches or branch establishments located
in other Member States of credit institutions and financial institutions incorporated in Austria.
Definition of Terms
Article 2. For the purposes of this federal act, the following definitions shall apply:
1. credit institution: a credit institution pursuant to Article 1 para. 1 BWG and a CRR-credit
institution pursuant to Article 9 BWG which provides activities in Austria through a branch.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
2. financial institution:
a) financial institution pursuant to Article 1 para. 2 nos. 1 to 6 BWG;
b) an insurance undertaking pursuant to Article 1 para. 1 no. 1 VAG 2016 and a small
insurance undertaking pursuant to Article 1 para. 1 no. 2 VAG 2016 respectively
within the scope of their life assurance operations (classes 19 to 22 pursuant to
Annex A to VAG 2016);
c) an investment firm pursuant to Article 3 para. 1 WAG 2007 and an investment
services provider pursuant to Article 4 para. 1 WAG 2007;
d) an AIFM pursuant to Article 4 para. 1 AIFMG and a non-EU AIFM pursuant to
Article 39 para. 3 AIFMG;
e) an e-money institution pursuant to Article 3 para. 2 of the E-Geldgesetz 2010;
f) a payment institution pursuant to Article 7 ZaDiG;
g) the Austrian Post with regard to its money transfer services;
h) Financial institutions pursuant to points a) to d) of Article 3 (2) of Directive (EU)
2015/849 with their place of incorporation in another Member State with business
operations conducted through branches or branch establishments located in Austria
as well as branches or branch establishments of such financial institutions that are
authorised in third countries.
3. beneficial owner: the natural persons who ultimately own or control the customer. In
particular, the term "beneficial owner" includes the following:
a) in the case of corporate entities:
aa) the natural persons who ultimately own or control a legal entity through direct or
indirect ownership of or control over a sufficient percentage of the shares or
voting rights in that legal entity, including ownership or control through bearer
share holdings, other than a company listed on a regulated market that is
subject to disclosure requirements consistent with Union law or subject to
equivalent international standards; a percentage of 25% plus one share shall be
considered sufficient for meeting this criterion;
bb) the natural persons who exercise control over the management of a legal entity
in some other way;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
b) in the case of legal entities such as foundations, and in the case of trusts which
administer or distribute funds:
aa) where the future beneficiaries have already been determined, the natural
persons who are the beneficiaries of 25% or more of the assets of a trust or
legal entity;
bb) where the individual persons, who are the beneficiaries of the trust or legal
entity, have yet to be determined, the group of persons in whose interest the
trust or legal entity has primarily been set up or operates;
cc) the natural persons that exercise control over 25% or more of the assets of a
trust or legal entity.
4. trust or company service provider: any person providing one of the following services for
third parties on a commercial basis:
a) the formation of companies or other legal persons;
b) acting as, or arranging for another person to act as, a director or secretary of a
company, a partner of a partnership , or a similar position in relation to other legal
persons;
c) providing a registered office, business address, correspondence or administrative
address and other related services for a company, a partnership or any other legal
person or arrangement;
d) acting as, or arranging for another person to act as, a trustee of an express trust or a
similar legal arrangement;
e) acting as, or arranging for another person to act as, a nominee shareholder for
another person other than a company listed on a regulated market that is subject to
disclosure requirements in accordance with Union law or subject to equivalent
international standards.
5. Correspondent relationship:
a) the provision of banking services by one credit institution as the correspondent to
another credit institution as the respondent, including providing a current or other liability
account and related services, such as cash management, international funds transfers,
cheque clearing, payable-through accounts and foreign exchange services;
b) the relationships between and among credit institutions and financial institutions
including where similar services are provided by a correspondent institution to a
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
respondent institution, and including relationships established for securities transactions
or funds transfers.
6. politically exposed person: a natural person who is or who has been entrusted with
prominent public functions including the following:
a) heads of state, heads of government, ministers and deputy or assistant ministers; in
Austria this particularly applies to the Federal President, the Federal Chancellor and the
members of the Federal Government and the provincial governments;
b) Members of parliament or members of similar legislative bodies; in Austria this
particularly applies to the members of the National Council (Nationalrat) and the Federal
Council (Bundesrat);
c) Members of the governing bodies of political parties; in Austria this particularly applies
to members of the governing bodies of political parties in the National Council;
d) members of supreme courts, of constitutional courts or of other high-level judicial
bodies, the decisions of which are not subject to further appeal, except in exceptional
circumstances; in Austria this particularly applies to judges in the Supreme Court of
Justice (Oberster Gerichtshof), the Constitutional Court (Verfassungsgerichtshof) and the
Supreme Administrative Court (Verwaltungsgerichtshof);
e) Members of courts of audit or the management bodies of central banks; in Austria this
particularly applies to the President of the Austrian Court of Audit (Bundesrechnungshof)
as well as the Directors of the Courts of Audit of the individual provinces
(Landesrechnungshof) and the Members of the Governing Board of the Oesterreichische
Nationalbank;
f) Ambassadors, chargés d'affaires and high-ranking officers of the armed forces; in
Austria this particularly applies to high-ranking officers in the armed forces in particular
members of the military with a rank of Lieutenant General (Generalleutnant) or higher;
g) Members of the administrative, management or supervisory boards of state-owned
enterprises; in Austria this particularly applies to enterprises in which the federal
government or the government of a province holds at least 50% of the nominal capital,
share capital or equity capital, or which the federal government or the government of a
province solely operates, or which the federal government or the government of a
province actually controls by financial means or other economic or organisational
measures;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
h) Directors, deputy directors and members of the board or an equivalent function of an
international organisation.
No public function referred to in points a) to h) shall be understood as covering middle-
ranking or more junior officials;
7. Family members: in particular
a) the spouse of a politically exposed person, a person considered to be equivalent to
a spouse of a politically exposed person or the life partner as defined in Article 72
para. 2 StGB,
b) the children (including adopted and foster children) of a politically exposed person
and their respective spouses, or a person considered to be equivalent to a spouse or
life partner as defined in Article 72 para. 2 StGB,
c) the parents of a politically exposed person.
8. persons known to be close associates:
a) natural persons who are known to have joint beneficial ownership of legal entities or
legal arrangements, or any other close business relations, with a politically exposed
person;
b) natural persons who have sole beneficial ownership of a legal entity or legal
arrangement which is known to have been set up for the de facto benefit of a politically
exposed person.
9. senior management: officers or employees of the obliged entity with sufficient knowledge
of the institution's money laundering and terrorist financing risk exposure and sufficient
seniority to take decisions affecting its risk exposure, and need not, in all cases, be a
member of the board of directors.
10. business relationship: any business, professional or commercial relationship which is
connected with the commercial activities of an obliged entity and which is expected, at
the time when the contact is established, to have an element of duration.
11. group: a group of undertakings which consists of a parent undertaking, its subsidiaries,
and the entities in which the parent undertaking or its subsidiaries hold a participation, as
well as undertakings linked to each other by a relationship within the meaning of
Article 22 of Directive 2013/34/EU;
12. electronic money: electronic money pursuant to Article 1 para. 1 E-Geldgesetz 2010.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
13. shell bank: a credit institution or financial institution, or an institution that carries out
activities equivalent to those carried out by credit institutions and financial institutions,
incorporated in a jurisdiction in which it has no physical presence, involving meaningful
mind and management, and which is unaffiliated with a regulated financial group.
14. Financial Intelligence Unit (Geldwäschemeldestelle): the Financial Intelligence Unit
(Geldwäschemeldestelle) pursuant to Article 4 para. 2 no. 1 of the Criminal Intelligence
Service Act (BKA-G, Bundeskriminalamt-Gesetz).
15. customer: any person who has established a business relationship with the obliged
entity, or wishes to establish one, as well as any person for whom the obliged entity
conducts a transaction or intends to conduct one, that does not fall within the scope of a
business relationship (occasional transaction).
16. high-risk third countries: third countries, which have strategic deficiencies in their
national anti-money laundering and counter financing of terrorism regime, that pose
significant threats to the financial system of the European Union and which have been
determined by the European Commission by means of a Delegated Regulation pursuant
to Article 9 of Directive (EU) 2015/849.
17. Member State: a Member State of the European Union or another State that is a
signatory country to the Agreement on the European Economic Area, published in
Federal Law Gazette no. 909/1993 in the version of the protocol adjustment in Federal
Law Gazette no. 910/1993 (EEA).
18. third country: any country that is not a Member State pursuant to no. 17.
19. life assurance contracts: life assurance contracts (classes 19 to 22 pursuant to Annex A
to VAG 2016) and life assurance contracts and other insurance contracts with an
investment purpose, provided that they are sold in Austria under the freedom of
establishment.
20. European Supervisory Authorities; the European Banking Authority (EBA) pursuant to
Regulation (EU) no 1093/2010, the European Insurance and Occupational Pensions
Authority (EIOPA) pursuant to Regulation (EU) no 1094/2010 and the European
Securities and Markets Authority (ESMA) pursuant to Regulation (EU) no 1095/2010.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Section 2
Risk assessment
National risk assessment
Article 3. (1) A coordinating committee shall be established at the Federal Ministry of
Finance to develop measures and strategies for the prevention of money laundering and
terrorist financing, to identify assess, understand and mitigate the risks prevailing in Austria
with regard to money laundering and terrorist financing as well as all data protection issues.
The Federal Ministries for Justice, for the Interior, for Science, Research and Economy, for
Europe, Integration and Foreign Affairs, as well as the Financial Market Authority (FMA) and
the Oesterreichische Nationalbank shall nominate at least one member and a deputy
member. The chairperson and their deputy shall be nominated by the Federal Minister of
Finance. The chairperson shall convene the coordination committee at least twice per
calendar year. The members of the coordination committee may also request it to be
convened in the event of material reasons prevailing.
(2) The coordinating committee shall draw up and maintain a national risk assessment on an
ongoing basis. The basis of the national risk assessment shall consist of the contributions of
the members listed in para. 1, who shall draw up such contributions in relation to their
respective competences. In drawing up the national risk assessment, the findings of the
report of the European Commission on the risks of money laundering and terrorist financing
affecting the internal market pursuant to Article 6 (1) of Directive (EU) 2015/849 shall be
taken into account. The chairperson of the coordination committee shall be responsible for
coordinating the drawing up of the national risk assessment.
(3) The national risk assessment shall serve the following purposes:
1. the improvement of the regime for combatting of money laundering and terrorist
financing, in particular by identifying any areas where the obliged entities shall be required
to apply enhanced measures and recommending the measures to be taken;
2. the identification of sectors or areas of lower or greater risk of money laundering and
terrorist financing;
3. the identification of money laundering and terrorist financing risks in relation to the
development of new products and business practices including new delivery channels and
the use of new or developing technologies both for new as well as for existing products;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
4. the allocation and prioritisation of resources to combat money laundering and terrorist
financing;
5. to ensure that appropriate rules are drawn up for each sector or area, in accordance
with the risks of money laundering and terrorist financing, and
6. making appropriate information available promptly to obliged entities to facilitate them
in carrying out their own money laundering and terrorist financing risk assessments.
The Federal Ministries of Finance, for Justice, for the Interior, for Science, Research and
Economy, for Europe, Integration and Foreign Affairs, as well as the Financial Market
Authority (FMA) and the Oesterreichische Nationalbank shall take necessary steps within the
scope of their respective competences to realise these purposes.
(4) The Oesterreichische Nationalbank and the FMA upon request and within the scope of
their competence, shall submit all data, information, analyses and assessments relating to
the financial market that are necessary for drawing up the national risk assessment to the
Federal Minister of Finance without delay. The Oesterreichische Nationalbank shall submit
the data that it has investigated and processed pursuant to Article 8 para. 2 of the Sanctions
Act (SanktG - Sanktionsgesetz), to the FMA, provided that this data is required for the
performance of duties by the FMA in accordance with this federal act.
(5) The Federal Minister of Finance shall submit the findings of the national risk assessment
to the European Commission and shall publish it on the Federal Ministry of Finance’s
website.
(6) In addition, the coordination committee shall also develop strategies and measures for
combatting of money laundering and terrorist financing on a national level, shall regularly
review whether they are up-to-date, and shall issue recommendations for their
implementation.
Risk assessment at company level
Article 4. (1) The obliged entities shall identify and assess the potential risks of money
laundering and terrorist financing, to which they are exposed, on the basis of data and
information taking into account all risk factors, in particular those that relate to customers,
countries or geographical areas, products, services, transactions and delivery channels as
well as other new or developing technologies, both for new and already existing products. In
so doing, they shall take into account findings of the national risk assessment (Article 3) and
of the report of the European Commission on the risks of money laundering and terrorist
financing affecting the internal market (Article 6 (1) of Directive (EU) 2015/849). The
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
investigation and assessment in relation to new products, practices and technologies shall in
any case take place prior to their roll-out. The steps involved in the investigations and
assessment shall be proportionate to the nature and size of the obliged entities.
(2) The obliged entities shall keep records for the investigation and assessment steps
conducted pursuant to para. 1 and their outcome in an understandable way, and shall keep
records up-to-date and shall make them available to the FMA upon request in a generally
available electronic format. The FMA may determine by means of a Regulation that the
records of a risk assessment may not be necessary for specific types of obliged entities
within a sector, if the specific risks existing within the sector are clearly recognisable and are
understood by the obliged entities within this sector.
Section 3
Customer due diligence
Application of due diligence obligations
Article 5. The obliged entities shall apply customer due diligence pursuant to Article 6 in the
following cases:
1. when establishing a business relationship;
savings deposit transactions in accordance with Article 31 para. 1 BWG and transactions
pursuant to Article 12 of the Securities Deposit Act (DepotG; Depotgesetz) shall always be
considered as business relationships;
2. when executing any transactions which are not conducted within the scope of a
business relationship (occasional transactions),
a) which involve an amount of at least EUR 15 000 or a euro equivalent value,
regardless of whether the transaction is carried out in a single operation or in multiple
operations between which there is an obvious connection; or
b) which involves a transfer of funds as defined in Article 3 (9) of
Regulation (EU) 2015/847 exceeding EUR 1 000;
if the amount in the cases listed in letter a) is not known prior to the start of the
transaction, then the due diligence obligations shall be applied as soon as the amount
involved is known and it has been determined that the amount is at least EUR 15 000 in
value or euro equivalent value;
3. for each deposit into savings deposits, and for each withdrawal of savings deposits if
the amount deposited or withdrawn is at least EUR 15 000 or a euro equivalent value;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
4. if the institution suspects or has reasonable grounds to suspect that the customer
belongs to a terrorist organisation (Article 278b StGB) or the customer objectively
participates in transactions which serve the purpose of money laundering (Article 165
StGB including asset components which stem directly from a criminal act on the part of
the perpetrator) or terrorist financing (Article 278d StGB);
5. when there are doubts as to the veracity or adequacy of previously obtained customer
identification data.
Scope of due diligence obligations
Article 6. (1) Customer due diligence shall comprise:
1. identifying the customer and verifying the customer's identity on the basis of documents,
data or information obtained from a reliable and independent source;
2. identifying the beneficial owner and taking reasonable measures to verify that person's
identity so that the obliged entity is satisfied that it knows who the beneficial owner is,
including, as regards legal persons, trusts, companies, foundations and similar legal
arrangements, taking reasonable measures to understand the ownership and control
structure of the customer;
3. assessing and obtaining information on the purpose and intended nature of the business
relationship;
4. obtaining and checking of information about the source of the funds used; such
information may include details about professional or business activities, income or
operating result or the general financial situation of the customer and their beneficial
owners;
5. identification and verification of the trustor and the trustee pursuant to para. 3;
6. conducting ongoing monitoring of the business relationship including scrutiny of
transactions undertaken throughout the course of that relationship to ensure that the
transactions being conducted are consistent with the obliged entity's knowledge of the
customer, the business and risk profile, including where necessary the source of funds.
7. regular checking of the availability of all required information, data and documents that are
required under the federal act, and updating of such information data and documents.
The identity of those persons claiming to be wanting to act on behalf of the customer (natural
persons authorised to represent the customer) shall be determined and verified pursuant to
no. 1. The power of representation shall be verified in a suitable way and manner. The
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
customer shall report any changes relating to the power of representation during an ongoing
business relationship without delay at their own initiative.
(2) The verification of identity pursuant to para. 1 no. 1 shall in the case of
1. a natural person be by means of showing an official photo identification document in
person. For the purposes of this provision, documents which are issued by a government
authority and which bear a non-replaceable, recognisable photograph of the face of the
person in question and include the name, date of birth and signature of the person as well
as the authority which issued the document are considered to be official photo
identification documents; in the case of foreign passports, the passport need not contain
the person's signature and complete date of birth if this corresponds to the law of the
country issuing the passport. Individual criteria with regard to the official photo
identification may be waived where technical advances, such as biometric data, give rise
to other criteria which are at least equivalent to the waived criteria in terms of their
identification effects. However, the criterion stipulating that the identification must be
issued by a government authority must always be fulfilled;
2. a legal person, on the basis of meaningful supporting documentation available under the
usual legal standards of the country in which the legal person is incorporated. In any case
the effective existence, name, legal form, power of representation and place of
incorporation of the legal person shall be checked.
(3) The obliged entities shall request customers to indicate the following:
1. Whether the customer intends to conduct the business relationship (Article 5 para. 1
no. 1) or the occasional transaction (Article 5 para. 1 no. 2) on one’s own account or for
the account of others or on behalf of a third party, and
2. the identity of its beneficial owner(s).
The customer shall comply with this request and shall report any changes relating to this
request during an ongoing business relationship without delay at their own initiative. If the
customer indicates that they intent to conduct the business relationship for the account of
others or on behalf of a third party (no. 1), then they shall also be required to prove the
identity of the trustor to the obliged entity, and the obliged entity shall determine and verify
the identity of the trustor. The trustee shall be identified pursuant to para. 2 no. 1, and only in
the physical presence of the trustee. The identification of the trustee by third parties shall be
excluded. In the case of natural persons, the identity of the trustor shall be ascertained and
verified by presentation of the original or a copy of the trustor’s official photo identification
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
document (para. 2 no. 1); in the case of legal persons, by means of meaningful supporting
documents (para. 2 no. 2). The trustee must also submit a written declaration to the obliged
entity stating that the trustee has ascertained the identity of the trustor personally or through
reliable sources. In this context, reliable sources refer to courts and other government
authorities, notaries, attorneys at law and third parties as specified in Article 13.
(4) The personal presentation of the official photo identification document as defined in
para. 2 may be replaced by safeguards for business relationships or transactions without
face-to-face contacts. The obliged entity must in any case know the name, date of birth and
address of the customer, or in the case of legal persons the company name and place of
incorporation. The following security measures shall be permissible:
1. the presentation in a video-based electronic procedure of the official photo identification
document (online identification),
2. a statutorily prescribed procedure, which ensures that the same information would be
made available as would be if an official photo identification document were presented
(electronic ID card),
3. the submission of a legally binding declaration by the customer in the form of a qualified
electronic signature in accordance with point 12 of Article 3 of Regulation (EU)
No 910/2014 or the delivery of a legally binding declaration by the obliged entity via
registered mail to the customer address given as the place of residence or place of
incorporation, if in addition
a) in the case of legal persons the place of incorporation is also the place of the central
administration, which shall be confirmed by the customer by means of a written
declaration;
b) a copy of the official photo identification document of the customer or the customer's
legal representative, or in the case of legal persons of the body authorised to
represent it has been supplied prior to the conclusion of the contract, provided that
the legal transaction has not been concluded electronically using a qualified electronic
signature, and
c) for customers with a place of incorporation or place of residence in a third country, a
written declaration by another credit institution with which the customer has a
permanent business relationship is provided, stipulating that the identity of the
customer has been determined and verified in accordance with this federal act, and
that the permanent business relationship is still maintained. If the credit institution
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
providing the confirmation has its place of incorporation in a third country, then this
third country must fulfil the requirements pursuant to Article 13 para. 4. In lieu of
identification and confirmation by a credit institution, identification and written
confirmation by the Austrian representation in the third country in question or by a
recognised certification authority is also permissible;
or
4. the first payment during transactions is settled through an account opened in the
customer's name with a credit institution as specified in Article 13 and copies of customer
documents are available, on the basis of which the information provided by the customer
or the natural person authorised to represent the customer may be verified in a credible
manner. In lieu of such copies, a written declaration from the credit institution through
which the first payment is intended to be made shall be sufficient for determining and
verifying the identity of the customer as defined in this federal act or Directive (EU)
2015/849.
The FMA shall determine by means of a Regulation with the consent of the Federal Minister
of Finance, which measures shall be necessary for online identification to mitigate the
increased risk, and in so doing shall in particular define the requirements in relation to
security of data, security against forgeries as well as for those persons that will conduct the
online identification process.
(5) The obliged entities may determine the extent of the due diligence obligations listed in
paras. 1 to 3 on a risk-sensitive basis. When assessing the risks of money laundering and
terrorist financing at least the variables set out in Annex I shall be taken into account. As a
result of this assessment, every customer shall be assigned to a risk class. The obliged
entities shall have to be able to demonstrate to the FMA, that the measures they have taken
are appropriate in view of the risks of money laundering and terrorist financing that have
been identified.
Point of time of application of due diligence obligations
Article 7. (1) The determination and verification of the identity of the customer, the beneficial
owner and the trustor and trustee (Article 6 para. 1 nos. 1, 2 and 5) and about the obtaining
of information on the purpose and intended nature of the business relationship and the origin
of the funds used (Article 6 para. 1 nos. 3 and 4) must occur prior to the establishment of a
business relationship or the carrying or conducting of an occasional transaction. The
determination and verification of the identity of a natural person authorised to represent the
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
customer (Article 6 para. 1 closing part) must occur, when the authorised representative
invokes their power of representation.
(2) By way of derogation from para. 1, the obliged entities may allow verification of the
identity of the customer, the beneficial owner and the trustor to be completed during the
establishment of a business relationship, if this is necessary to not interrupt the normal
conduct of business, and where there is little risk of money laundering or terrorist financing.
In such situations, those procedures shall be completed as soon as practicable after initial
contact.
(3) By way of derogation from para. 1, the opening of a bank account, including accounts that
permit transactions in transferable securities, shall be permissible at an obliged entity,
provided that there are adequate safeguards in place to ensure that transactions are not
carried out by the customer or on its behalf until full compliance with the customer due
diligence requirements pursuant to Article 6 para. 1 nos. 1 to 5 has been obtained.
(4) In the case of life assurance contracts, insurance undertakings shall also be required to
comply, in addition to the customer due diligence obligations towards customers and
beneficial owners, with the following due diligence obligations towards the beneficiaries of life
assurance contracts:
1. in the case of beneficiaries that are identified as specifically named persons or as
legal arrangements, the insurance undertaking shall hold the names of the respective
persons;
2. in the case of beneficiaries that are designated by characteristics, class or by other
means, insurance undertakings shall obtain sufficient information concerning those
beneficiaries to ensure that they will be able to establish the identity of the beneficiary
at the time of the payout.
The insurance undertakings shall, in the instances named in nos. 1 and 2, verify the identity
of the beneficiaries prior to payout. In the case that the life assurance contract is either fully
or partially taken over by a third party, or the claim from this contract is assigned fully or
partially to a third party, then the insurance undertakings that are aware of this takeover or
assignment shall determine and verify the identity of the new customer or the beneficial
owner at the time at which the claims from the contract were assigned to or taken over by the
natural or legal person or legal arrangement.
(5) Where the beneficiaries of trusts or of similar legal arrangements are designated by
means of particular characteristics or by class, the obliged entities shall be required to obtain
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
sufficient information concerning the beneficiaries to be satisfied that they will be able to
establish the identity of the beneficiary at the time of the payout or at the time that the
beneficiary exercises its vested rights. The identity of the beneficiaries must in any case be
verified prior to payout.
(6) The obliged entities shall apply customer due diligence obligations not only to all new
customers, but also to existing customers on a risk-sensitive basis at the appropriate time.
This shall in particular be the case when the relevant circumstances of a customer change.
(7) If, with the exception of Article 6 para. 1 nos.6 and 7, the obliged entities either do not
comply or are not able to comply with the customer due diligence obligations, then they shall
not be allowed to carry out a transaction through a bank account, to establish a business
relationship or to carry out transactions. Furthermore, they shall have to terminate an existing
business relationship. Insurance undertakings shall not be allowed in the case of life
assurance contracts to establish a business relationship and to carry out a transaction, if they
do not or are unable to fulfil their due diligence obligations towards a customer or a
beneficiary. Occupational severance and retirement funds shall not be allowed to conduct
transactions, if they do not or are unable to fulfil their due diligence obligations towards a
customer. In cases as per Article 6 para. 1 no. 6 a transaction may be delayed until the
necessary checking steps have been concluded. In all cases the obliged entities shall
consider making a suspicious transaction report in relation to the customer in accordance
with Article § 16 to the Financial Intelligence Unit (Geldwäschemeldestelle).
(8) The acceptance and acquisition of securities for
1. securities accounts (Article 11 DepotG) and
2. business relationships pursuant to Article 12 DepotG,
which were initiated or entered into before 1 August 1996, shall only be permissible, when
the customer due diligence obligations had previously been applied pursuant to Article 6. The
sale of securities and the withdrawal of balances and income from securities accounts
(Article 11 DepotG) and from business relationships pursuant to Article 12 DepotG may only
be carried out provided that the customer due diligence obligations pursuant Article 6 have
previously been applied.
(9) In the case of existing savings accounts pursuant to Article 31 BWG, where customer due
diligence obligations pursuant to Article 6 have not yet been applied, deposits may neither be
made or received, and amounts from credit transfers may not be credited to such savings
accounts.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(10) Savings accounts, for which customer due diligence obligations pursuant to Article 6
have not yet been applied, shall be operated as specially marked accounts. Deposits into
and withdrawals from such accounts may only be made, and funds transfers only credited to
those accounts, if the customer due diligence obligations pursuant to Article 6 have been
applied.
Simplified due diligence
Article 8. (1) Where an obliged entity identifies on the basis of its risk assessment (Article 4)
that areas exist of a lower risk of money laundering or terrorist financing, then it may apply
simplified customer due diligence. In this case, the risks of money laundering and terrorist
financing relating to types of customers, geographic areas, and particular products, services,
transactions or delivery channels shall be assessed and at least the factors of potentially
lower risk situations set out in Annex II taken into account.
(2) Before applying simplified customer due diligence for a customer, obliged entities shall
ascertain that the business relationship or the transaction presents a lower degree of risk. In
particular they shall not assume a low risk of money laundering or terrorist financing if there
is information available to suggest that the risk of money laundering or terrorist financing
might not in fact be low.
(3) Also in those areas, in which the obliged entities apply simplified due diligence, they shall
ensure that the transactions and business relationships shall be adequately monitored to
enable the detection of unusual or suspicious transactions.
(4) The obliged entities shall be required to retain sufficient information in order to be able to
demonstrate compliance with the requirements for the application of simplified due diligence.
(5) The FMA may determine, with the consent of the Federal Minister of Finance, by means
of a Regulation in which areas a low risk of money laundering or terrorist financing exists, if
this has been determined in the national risk assessment (Article 3) or the FMA itself has
identified that a low risk exists taking into account para. 1 second sentence. The FMA shall
determine, as necessary the precise scope of simplified due diligence towards customers in
a Regulation pursuant to this paragraph.
(6) Regulation (EU) 2015/847 shall not apply to domestic transfers of funds to a payee
account permitting payments for the provision of goods or services if:
1. the payment service provider of the payee is subject to the obligations set forth in
Directive (EU) 2015/849;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
2. the payment service provider of the payee is able by means of a reference number
relating to the customer to trace back, through the payee, the transfer of funds to the
natural or legal person who has made an agreement with the payee for the provision of
goods and services, and
3. the amount being transferred is EUR 1 000 or less.
Enhanced due diligence
Article 9. (1) In the cases referred to in Articles 10 to 12, in the case of natural or legal
persons domiciled in high-risk third countries, and if an obliged entity determines, either on
the basis of its risk assessment (Article 4) or in another manner, that a higher risk of money
laundering or terrorist financing exists, then the obliged entity shall apply enhanced customer
due diligence to manage and mitigate those risks appropriately. In this case, the risks of
money laundering and terrorist financing relating to types of customers, geographic areas,
and particular products, services, transactions or delivery channels shall be assessed and at
least the factors of potentially higher risk situations set out in Annex III taken into account.
(2) Where obliged entities have branches or branch establishments or subsidiaries
incorporated in high-risk third countries, they shall not have to automatically invoke enhanced
customer due diligence needed for them, where those branches or branch establishments or
subsidiaries fully comply with the group-wide strategies and procedures (Article 24). In this
instance the obliged entities shall assess on a risk-sensitive basis whether it shall be
necessary to apply enhanced due diligence obligations.
(3) The obliged entities shall examine, as far as reasonably possible, the background and
purpose of all complex and unusually large transactions, and all unusual patterns of
transactions, which have no apparent economic or lawful purpose. In particular, obliged
entities shall increase the degree and nature of monitoring of the business relationship, in
order to determine whether those transactions or activities appear suspicious.
(4) The FMA may determine, with the consent of the Federal Minister of Finance, by means
of a Regulation in which areas, in addition to those listed in this federal act, a high risk of
money laundering or terrorist financing exists, if this has been determined in the national risk
assessment (Article 3) or the FMA itself has identified that a high risk exists taking into
account para. 1 second sentence. The FMA shall determine, as necessary the precise scope
of enhanced due diligence towards customers in a Regulation pursuant to this paragraph.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Correspondent relationships
Article 10. In the case of cross-border correspondent relationships with respondent
institutions incorporated in third countries, obliged entities shall, in addition to the customer
due diligence obligations set out in Article 6:
1. gather sufficient information about a respondent institution to understand fully the
nature of its business and be able to ascertain the reputation of the institution and the
quality of supervision on the basis of publicly available information;
2. satisfy themselves of the adequacy of the respondent institution's controls for
combatting money laundering and terrorist financing;
3. obtain approval from senior management before establishing new correspondent
relationships;
4. document the respective responsibilities of each institution, and
5. with respect to payable-through accounts, be satisfied that the respondent institution
has verified the identity of and performed ongoing due diligence on the customers
having direct access to accounts of the respondent institution, and that the
respondent institution is able to provide relevant customer due diligence data to the
obliged entity upon the latter’s request;
Transactions and business relationships with politically exposed persons (PEPs)
Article 11. (1) In addition to the customer due diligence obligations set out in Article 6, the
obliged entities shall
1. have in place appropriate risk management systems, including risk-based
procedures, to be able to determine whether the customer, the beneficial owner of the
customer, or the trustor of the customer is a politically exposed person and to apply
these procedures prior to establishing the business relationship as well as to apply
them at regular intervals during the ongoing business relationship.
2. in the case of business relationships with politically exposed persons:
a) obtain the approval of their senior management, before establishing or continuing
business relationships with such persons;
b) take adequate measures to establish the source of wealth and source of funds
that are involved in business relationships or transactions with such persons; and
c) subject the business relationship to enhanced ongoing monitoring.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(2) Insurance undertakings shall take reasonable measures to determine whether the
beneficiaries of a life insurance contract and/or, where necessary, the beneficial owner of the
beneficiary is a politically exposed person. Those measures shall be taken no later than at
the time of the payout or at the time of the assignment, in whole or in part, of the life
assurance contract. Where increased risks have been identified, in addition to applying the
customer due diligence laid down in Article 6, obliged entities shall also be required to:
1. inform its senior management prior to payout, and
2. conduct enhanced scrutiny of the entire business relationship with the insurance
policyholder.
(3) Where a politically exposed person is no longer entrusted with a prominent public function
by a Member State or a third country, or with a prominent public function by an international
organisation, obliged entities shall, for at least twelve months, be required to take into
account the continuing risk posed by that person and to apply appropriate and risk-sensitive
measures until such time as that person is deemed to pose no further risk specific to
politically exposed persons.
(4) The measures referred to in this Article shall also apply to family members or persons
known to be close associates of politically exposed persons.
Inadmissible business relationships and measures for non-cooperative countries and
territories
Article 12. (1) The obliged entities shall not enter into or continue a correspondent
relationship with a shell bank, and shall take appropriate measures to ensure that they do not
engage in or continue correspondent relationships with a credit institution or financial
institution, which is known to permit its accounts to be used by a shell bank.
(2) In any case, the obliged entities shall be prohibited from servicing anonymous accounts
and from accepting anonymous savings deposits; Article 7 paras. 8 to 10 shall be applicable.
(3) In cooperation with the Main Committee of the National Council, the federal government
shall issue a regulation designating as non-cooperative countries and territories those
countries which do not take the measures against money laundering necessary according to
international standards in their territories or jurisdictions. In particular, a violation of
international standards is to be assumed in cases where the Council of the European Union
or the Financial Action Task Force on Money Laundering have adopted resolutions to this
effect.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(4) In connection with non-cooperative countries and territories, the following provisions
apply:
1. unless proven otherwise, persons with their place of incorporation or residence in a
non-cooperative country or territory shall be considered in any case not to meet the
requirements for the sound and prudent management of an obliged entity.
2. a licence shall not be granted to an obliged entity, where one or more persons who hold a
qualifying holding in the undertaking submitting the application have their place of
incorporation or residence in a non-cooperative country or territory, unless the applicant
submitting the application is able to prove that the obliged entity shall not conduct
activities for the purpose of money laundering and will not conduct any transactions in
violation of United Nations decisions which are binding under public international law.
3. The FMA shall prohibit the acquisition of a qualifying holding in an obliged entity by
persons whose place of incorporation or residence is in a non-cooperative country or
territory.
4. The identity of a customer, whose place of incorporation or residence is in a
non-cooperative country or territory, may be ascertained only by the customer appearing
in person at the obliged entity confirming their identity using an original official photo
identification document; for transactions carried out on behalf of others, these
requirements apply to both the trustee and the trustor; the obliged entities shall make
copies of the official photo identification documents and shall be required to retain them
pursuant to Article 21.
5. All transactions,
a) in which the originator or beneficiary is a person whose place of incorporation or
residence is in a non-cooperative country or territory, or
b) which are executed into or from an account held at a foreign credit institution or
financial institution incorporated in a non-cooperative country or territory,
shall be reported to the Financial Intelligence Unit (Geldwäschemeldestelle) by credit and
financial institutions without delay, if the amount exceeds EUR 100 000 or a euro equivalent
value; Article 16 shall apply. This reporting obligation applies regardless of whether the
transaction is carried out in a single operation or in multiple operations between which there
is an obvious connection; in cases where the amount is unknown at the beginning of a
transaction, the report must be submitted as soon as the amount is known and it is
established that it will come to at least EUR 100 000 or an equivalent value.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Section 4
Performance by third parties
Admissibility of performance by third parties
Article 13. (1) The obliged entities may rely on third parties for the fulfilment of the customer
due diligence obligations set out in Article 6 para. 1 nos. 1 to 5 and 7, provided that no
indications exist to suggest that the listed obligations will not be fulfilled to a comparable
standard. However, the ultimate responsibility for meeting those obligations shall remain with
the obliged entity which relies on the third party.
(2) The obliged entities shall ensure that they obtain the necessary information without delay
with regard to the customer due diligence obligations set out in Article 6 para. 1 nos. 1 to 5
and 7 from the third parties upon whom they are reliant. Furthermore, they shall be required
to take appropriate steps to ensure that the third party is able to forward them upon request
copies of the documentation used to satisfy these due diligence obligations as well as other
relevant documentation on the identity of the customer or the beneficial owner(s).
(3) Credit institutions and financial institutions incorporated in Austria shall be considered as
third parties, for the purpose of this Article, provided that they do not only hold an
authorisation for conducting exchange bureau business (Article 1 para. 1 no. 22 BWG), as
well as the persons listed in items a and b of Article 2 (1) 3) of Directive (EU) 2015/849 and
insurance intermediaries pursuant to Article 365m para. 3 no. 4 of the Commercial Code
(GewO 1994 - Gewerbeordnung) incorporated in Austria.
(4) Credit institutions and financial institutions pursuant to points 1 and 2 of Article 3 of
Directive (EU) 2015/849 shall be considered as third parties for the purposes of this Article,
provided that they do not only hold an authorisation for conducting exchange bureau
business, as well as the persons listed in items a) and b) of Article 2 (1) 3) of Directive
(EU) 2015/849 incorporated in another Member State and corresponding obliged entities
incorporated in a third country
1. whose customer due diligence requirements and record-keeping requirements are
consistent with those laid down in Directive (EU) 2015/849; and
2. that are subject to supervision in relation to compliance with these requirements,
consistent with Section 2 of Chapter VI of the Directive (EU) 2015/849.
Obliged entities shall be prohibited from relying on third parties established in high-risk third
countries. This shall not apply for branches or branch establishments of third parties
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
incorporated in Austria or in another Member State and their subsidiaries, where those
branches or branch establishments or subsidiaries fully comply with the group-wide policies
and procedures.
Performance by third parties in the case of groups
Article 14. The requirements pursuant to Article 13 may be fulfilled by the implementation of
a group programme (policies and procedures to be applied on a group-wide basis pursuant
to Article 24), in which all of the following requirements are fulfilled:
1. the obliged entity relies on information provided by a third party that is part of the same
group;
2. the group applies customer due diligence, rules on record-keeping and programmes
against money laundering and terrorist financing in accordance with this federal act or
Directive (EU) 2015/849, or equivalent rules;
3. the effective implementation of the requirements referred to in no. 2 is supervised at group
level by a competent authority of the home Member State or of the third country.
Outsourcing and agency relationships
Article 15. This Section shall not apply to outsourcing or agency relationships where, on the
basis of a contractual arrangement, the outsourcing service provider or agent is to be
regarded as part of the obliged entity.
Section 5
Reporting obligations
Reports to the Financial Intelligence Unit (Geldwäschemeldestelle)
Article 16. (1) The obliged entities shall inform the Financial Intelligence Unit
(Geldwäschemeldestelle) without delay upon their own initiative by means of a suspicious
activity report, if they know, suspect or have reasonable grounds to suspect, that
1. an attempted, upcoming, ongoing or previously conducted transaction is related to asset
components originating from one of the criminal activities listed in Article 165 StGB
(including asset components which stem directly from a criminal act on the part of the
perpetrator);
2. an asset component originates from one of the criminal activities listed in Article 165 StGB
(including asset components which stem directly from a criminal act on the part of the
perpetrator) or
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
3. a customer has violated the obligation to disclose trust relationships pursuant to Article 6
para. 3; or
4. the attempted, upcoming, ongoing or previously conducted transaction or the assets are
connected to a criminal organisation pursuant to Article 278a StGB, a terrorist
organisation pursuant to Article 278b StGB, a terrorist crime pursuant to Article 278c StGB
or terrorist financing pursuant to Article 278d StGB.
The suspicious activity report shall be submitted in a commonly used electronic format, via
the secure communications channels determined by the Financial Intelligence Unit
(Geldwäschemeldestelle).
(2) The obliged entities, and their employees as applicable, shall cooperate fully with the
Financial Intelligence Unit (Geldwäschemeldestelle), by providing the Financial Intelligence
Unit (Geldwäschemeldestelle) irrespective of a suspicious activity report pursuant to para. 1,
directly or indirectly upon request all information it deems necessary for preventing or
pursuing money laundering or terrorist financing.
(3) Credit institutions shall inform the Financial Intelligence Unit (Geldwäschemeldestelle)
without delay about all requests to withdraw savings deposits, if
1. the customer's identity has not yet been determined pursuant to Article 6 para. 1 for the
savings deposit, and
2. the payout is intended to be made from a savings deposit with a credit balance of at least
EUR 15 000 or euro equivalent value.
Payouts from such savings deposits shall only be made upon expiry of a period of seven
calendar days following the request for the payout, unless the Financial Intelligence Unit
(Geldwäschemeldestelle) orders a longer period pursuant to Article 17 para. 4.
(4) The Financial Intelligence Unit (Geldwäschemeldestelle) shall provide obliged entities
with access to up-to-date information on the ways of money laundering and terrorist
financing, and provide indications that allow suspicious transactions to be recognised.
Likewise, the authority shall ensure that timely feedback is provided about the effectiveness
of and follow-up to reports of suspected money laundering or terrorist financing.
(5) The Financial Intelligence Unit (Geldwäschemeldestelle) shall also be authorised to
examine required information from natural and legal persons and other facilities with a legal
personality for the prevention of and pursuit of money laundering and terrorist financing and
to process this information in an information application together with data that it has
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
processed or is allowed to process in the enforcement of national or regional laws, provided
that this information corresponds to the groups of affected parties and data types set out in
standard application SA037 in Annex 1 of the Regulation on Standards and Templates
(StMV - Standard- und Muster-Verordnung 2004), published in Federal Law
Gazette II no. 312/2004. The data shall be deleted as soon as it is no longer required for the
fulfilment of duties, at latest after a period of five years. Submissions shall be permissible
within the meaning of Article 4 para. 2 nos. 1 and 2 of the Criminal Intelligence Service Act
(BKA-G, Bundeskriminalamt-Gesetz).
Non-execution of transactions
Article 17. (1) The obliged entities shall cease to conduct any further execution of related
transactions following submission of a suspicious activity report (Article 16 para. 1) and shall
fulfil any additional specific instructions received from the Financial Intelligence Unit
(Geldwäschemeldestelle). The Financial Intelligence Unit shall take into account whether the
risk exists by delaying or ceasing the transactions could hinder or impede the investigation of
the case or the pursuit of the beneficiary of a suspicious transaction.
(2) In the event that it is not possible to cease the execution of the transactions listed in
para. 1, or any stoppage or delay could impede the pursuit of the beneficiary of a suspicious
transaction, the obliged entities concerned shall submit the suspicious activity report
(Article 16 para. 1) to the Financial Intelligence Unit (Geldwäschemeldestelle) immediately
thereafter. In cases of doubt, orders involving incoming funds may be executed, while orders
involving outgoing funds are not to be executed.
(3) The obliged entities shall be entitled to request that the Financial Intelligence Unit
(Geldwäschemeldestelle) should decide whether concerns exist about the immediate
execution of a transaction; if the Financial Intelligence Unit (Geldwäschemeldestelle) fails to
respond by the end of the following banking day, the transaction may be executed
immediately.
(4) The Financial Intelligence Unit (Geldwäschemeldestelle) shall be authorised to instruct
that an ongoing or upcoming transaction, for which a report pursuant to Article 16 para. 1 is
to be submitted, shall be omitted or temporarily delayed, and that instructions given by the
customer relating to the disbursement of funds shall only be allowed to be conducted with the
consent of the Financial Intelligence Unit (Geldwäschemeldestelle). The Financial
Intelligence Unit (Geldwäschemeldestelle) must inform the Public Prosecutor's office of this
instruction without unnecessary delay. The customer shall also be informed, although
informing the customer may be put off for up to a maximum of five banking days, if doing so
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
could otherwise impede the pursuit of the beneficiary of a suspicious transaction. The obliged
entities shall be informed about the delay in informing the customer. The notification to the
customer must include an indication that the customer or another affected party may be
entitled to lodge a complaint with the competent administrative court regarding violations of
their rights.
(5) The Financial Intelligence Unit (Geldwäschemeldestelle) shall repeal the instruction in
accordance with para. 4 as soon as the conditions for its having been issued no longer
prevail, or the public prosecutor declares that the conditions for confiscation pursuant to
Article 109 no. 2 and Article 115 para. 1 no. 3 of the Code on Criminal Procedure (StPO -
Strafprozessordnung) do not exist. Otherwise, the instruction shall be abrogated:
1. once six months have elapsed since it was issued, or
2. as soon as the court has issued a legally effective decision on a request for confiscation
pursuant to Article 109 no. 2 and Article 115 para. 1 no. 3 StPO.
Notifications from the competent authorities to the Financial Intelligence Unit
(Geldwäschemeldestelle)
Article 18. In the event that the FMA or the Oesterreichische Nationalbank, in performing
their supervision duties, find reason to suspect that a transaction serves the purpose of
money laundering or terrorist financing, they shall report this to the Financial Intelligence Unit
(Geldwäschemeldestelle) without delay. This shall also apply accordingly for the government
tax authorities in the performance of their duties.
Exclusion from claims for damages and protection against threats
Article 19. (1) Claims for damages may not be asserted due to the fact that an obliged entity
or employees of the obliged entity have delayed or omitted the execution of a transaction in
negligent ignorance of the fact that the suspicion of money laundering or terrorist financing or
of violations pursuant to Article 6 para. 3 was incorrect.
(2) The obliged entities shall ensure that individuals, including employees and
representatives of the obliged entity, who report suspicions of money laundering or terrorist
financing internally or to the Financial Intelligence Unit (Geldwäschemeldestelle), are
protected from being exposed to threats or hostile action, and in particular from adverse or
discriminatory employment actions.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Prohibition of disclosure
Article 20. (1) Obliged entities shall be obliged to ensure confidentiality towards customers
and third parties of all procedures in relation to Articles 16 and 17. Furthermore, the obliged
entities shall, if they become aware or have a suspicion of or have reasonable grounds to
assume, that a circumstance that requires to be reported pursuant to Article 16 para. 1 exists
and they could reasonably assume that the application of customer due diligence obligations
could impede the pursuing of the beneficiary of a suspicious transaction, they shall waive the
application of customer due diligence obligations and shall instead inform the Financial
Intelligence Unit (Geldwäschemeldestelle) immediately by means of a suspicious activity
report.
(2) As soon as the customer has been informed by the Financial Intelligence Unit
(Geldwäschemeldestelle) about the order pursuant to Article 17 para. 4 having been issued,
the obliged entities shall be empowered to refer the customer - although only at the
customer’s request - to the Financial Intelligence Unit (Geldwäschemeldestelle); furthermore,
the obliged entities shall with the consent of the Financial Intelligence Unit
(Geldwäschemeldestelle) also be empowered to inform the customer of the order.
(3) The prohibition pursuant to this Article:
1. does not affect the disclosure of information to the FMA, the Oesterreichische
Nationalbank, or the disclosure of information for law enforcement purposes;
2. does not affect the disclosure of information between credit institutions and financial
institutions and their branches or branch establishments and their subsidiaries in third
countries, provided that such entities fully comply with the applicable group-wide policies
and procedures (Article 24) and the group-wide policies and procedures comply with the
requirements of this federal act.
3. does not prevent the disclosure of information between the relevant obliged entities in
cases that refer to the same customer and the same transaction involving two or more
obliged entities; this shall also apply to credit institutions and financial institutions pursuant
to Article 1 nos. 1 and 2 of Directive (EU) 2015/849 incorporated in another Member
State, provided that they do not only hold an authorisation for conducting exchange
bureau business, as well as obliged entities incorporated in a third country, in which
comparable requirements apply to those set out in Directive (EU) 2015/849 and that are
subject to comparable obligations in terms of both professional secrecy and personal data
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
protection. The information exchanged is to be used exclusively for the purposes of the
prevention of money laundering and terrorist financing.
Section 6
Retention of records, data protection, statistical information and requirements for
their internal organisation
Requirements for retention of records and data protection
Article 21. (1) The obliged entities shall be required to retain:
1. copies of the documents and information which are necessary to comply with the
customer due diligence requirements, for a period of five years after the end of the
business relationship with their customer or after the date of an occasional transaction;
2. receipts and records of transactions required to investigate transactions, for a period of
five years after the end of the business relationship with their customer or after the date of
an occasional transaction.
(2) The obliged entities shall be required to delete all personal data, which they have
processed solely for the purposes of this federal act upon expiry of the retention periods in
accordance with para. 1, unless the regulations set out in other federal acts require or allow a
longer retention period. No data shall be allowed to be deleted until any pending
investigative, main or appeal proceedings in relation to Articles 165, 278a, 278b, 278c, 278d
or 278e StGB have been ended in a legally binding manner, if the obliged entity has
demonstrably become aware of the proceedings.
(3) The FMA may instruct by means of a Regulation that longer retention periods shall apply
following a detailed review of their necessity and proportionality, if this is necessary to
prevent, uncover or investigate money laundering or terrorist financing, or if this is necessary
for specific types of obliged entities on the basis of particular circumstances. The retention
periods shall not be allowed to exceed ten years.
(4) Personal data that is processed by obliged entities on the basis of this federal act solely
for the purposes of the prevention of money laundering and terrorist financing, shall not be
allowed to be processed further in such a way that is incompatible with those purposes. This
personal data shall not be allowed to be processed for other purposes, for example for
commercial purposes.
(5) Obliged entities shall provide new customers with the information required in accordance
with Article 24 paras. 1 and 2 of the Data Protection Act 2000 (DSG 2000 -
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Datenschutzgesetz 2000) before establishing a business relationship or carrying out an
occasional transaction. That information shall, in particular, include a general notice
concerning the legal obligations of obliged entities under this federal act with regard to the
processing of personal data for the purposes of the prevention of money laundering and
terrorist financing.
(6) An overriding public interest pursuant to Article 26 para. 2 DSG 2000 may exist, if the
refusal of information (Article 20 para. 1) is necessary to ensure the confidentiality of
procedures, which serve for the performance of Articles 16 and 17, in order to
1. enable the obliged entity or the FMA to fulfil its/their tasks properly for the purposes of this
federal act, or
2. avoid obstructing official or legal inquiries, analyses, investigations or procedures for the
purposes of this federal act and to ensure that the prevention, investigation and detection
of money laundering and terrorist financing is not jeopardised.
Information exchange with the Financial Intelligence Unit (Geldwäschemeldestelle)
and the FMA
Article 22. The obliged entities shall have systems in place that enable them to respond fully
and speedily through secure channels to enquiries from the Financial Intelligence Unit
(Geldwäschemeldestelle) or the FMA, in a manner that ensures full confidentiality of the
enquiries, that appear necessary to the aforementioned bodies for the purposes of the
prevention of or pursuing of money laundering or terrorist financing, as to whether they are
maintaining or have maintained, during a five-year period prior to that enquiry a business
relationship with specified persons, and on the nature of that relationship.
Requirements for internal organisation and trainings
Article 23. (1) The obliged entities shall establish policies, controls and procedures for the
effective mitigation and management of risks of money laundering and terrorist financing
identified on European Union, national and company-wide levels, which shall be
commensurate to the type and size of the obliged entity. In so doing, they shall take into
account the report of the European Commission pursuant to Article 6 (1) of Directive (EU)
2015/849, the national risk assessment (Article 3) and the risk assessment at company level
(Article 4) into account. The policies, controls and procedures shall in particular include the
following:
1. risk classification at customer level (Article 6 para. 5),
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
2. risk management systems (Article 11 para. 1 no. 1),
3. customer due diligence measures; this shall also include measures relating to new
products, practices and technologies for addressing the risks associated with them,
4. suspicious activity reports,
5. retention of documentation, and
6. provisions for compliance with para. 6
(2) The policies, controls and procedures (para. 1) shall be determined in written form and
approved by the management board; they shall be applied on an ongoing basis, and adapted
accordingly as necessary. The ongoing compliance with the internal regulations, which form
part of the policies, controls and procedures, of the employees who are subject to these
regulations, shall be monitored by the special officer (para. 3). In particular, he/she shall also
be responsible for the compliance with group-wide policies and procedures pursuant to
Article 24. Furthermore, a risk-based independent review of the policies, procedures and
controls as well as their ongoing application, shall be conducted by Internal Audit. Where
obliged entities are not required to have an internal auditing body, and where an independent
inspection is necessary due to the type and scope of the business activities conducted, the
inspection shall be conducted by an independent body.
(3) The obliged entities shall appoint a special officer within their company to ensure
compliance with the provisions of this federal act. The position of the special officer shall be
set up in such a way that such officer shall be responsible only to the management board
and shall report to the management board directly, without any intermediate levels.
Moreover, the officer shall be granted free access to all information, data, records and
systems that may in any possible way be connected to money laundering and terrorist
financing, as well as sufficient powers for the enforcement of compliance with the provisions
contained in this federal act. Obliged entities shall guarantee by means of appropriate
organisational measures that all the special officer’s duties may be fulfilled at all times on
site. The obliged entities shall ensure that the special officer shall at all times possess
adequate professional qualifications, knowledge and experience (expert qualification) and is
reliable and of integrity (personal reputation).
(4) The obliged entities shall designate a member of the management board, who shall be
competent for ensuring that the provisions intended to prevent or combat money laundering
or terrorist financing are complied with.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(5) The obliged entities shall ensure by means of measures that are commensurate to the
risks to which they are exposed, as well as their type and size, that their employees are
aware of the provisions for the prevention or combatting of money laundering or terrorist
financing to an extent that is necessary for the fulfilment of their duties. Those measures
shall include participation of the competent employees in special ongoing training
programmes, in which they learn how to recognise operations which may be related to
money laundering or terrorist financing and to instruct them as to how to proceed in such
cases.
(6) Furthermore, the obliged entities shall also consider, when selecting staff members, their
propriety with regard to their attachment to legal values; attention shall also be paid, prior to
the appointment of supervisory board members, to their attachment to legal values.
(7) Electronic money issuers as defined in point 3 of Article 2 of Directive 2009/110/EC and
payment service providers as defined in point 11 of Article 4 of Directive (EU) 2015/2366, are
incorporated in another Member State and which are established in Austria in another form
than a branch, shall name a central point of contact in Austria, if they satisfy the criteria set
out in the delegated act pursuant to Article 45 (10) of Directive (EU) 2015/849, which are
responsible, on behalf of the appointing institution, for guaranteeing compliance with the
rules for the combatting of money laundering and terrorist financing and to facilitate
supervision by the FMA, by among other ways making documents and information available
to the FMA upon request.
Policies and procedures for groups
Article 24. (1) Obliged entities that are part of a group shall implement group-wide policies
and procedures for the purpose of combatting money laundering and terrorist financing,
including data protection policies as well as policies and procedures for sharing information
within the group, to be defined in written form, and to be applied on an ongoing basis. Those
policies and procedures shall be implemented effectively at the level of branches or branch
establishments and subsidiaries in Member States and third countries.
(2) Obliged entities shall ensure that their branches or branch establishments in other
Member States observe the national legislation passed transposing Directive (EU) 2015/849
in the Member State in question.
(3) Obliged entities shall ensure that their branches or branch establishments and their
subsidiaries located in third countries, where the minimum requirements for the prevention of
money laundering and terrorist financing are less strict than those set out in this federal act,
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
shall apply the requirements of this federal act, to the extent that the third country's law so
allows.
(4) The obliged entities shall inform the FMA in cases in which the implementation of the
policies and procedures to be applied on a group-wide basis pursuant to para. 1 is not
permissible in accordance with the law of a third country. Furthermore the obliged entities
shall ensure that their branches or branch establishments and their subsidiaries in this third
country apply additional measures to effectively mitigate the risk of money laundering or
terrorist financing. If the additional measures are not sufficient, then the FMA shall exercise
additional supervisory actions. The FMA may any among other things prescribe that the
group shall not be allowed to establish or that it terminates business relationships, and shall
not be allowed to undertake transactions in the third country or where necessary request the
group to close down its operations in the third country.
(5) The FMA shall notify the European Supervisory Authorities of instances in which a third
country's law does not permit the implementation of the policies and procedures required
under para. 1. In such cases, coordinated action may be taken to pursue a solution.
(6) The exchange of information, including customer information, within the group for the
purposes of combatting money laundering and terrorist financing shall be permitted; in
particular the documents and information, which are required for satisfying due diligence
obligations towards customers and the information submitted together with a suspicious
activity report may be passed on within the group, in order to fulfil the group-wide policies
and procedures pursuant to para. 1. It shall not be permitted to pass such information on if
the Financial Intelligence Unit (Geldwäschemeldestelle) or the Financial Intelligence Unit of
another Member State or a third country instructs otherwise.
Section 7
Supervision
Aims and principles of supervision
Article 25. (1) The FMA shall supervise the compliance of the rules of this federal act and of
Regulation (EU) 2015/847 by
1. credit institutions pursuant to Article 2 no. 1;
2. financial institutions pursuant to Article 2 no. 2 point a), that belong to a group of credit
institutions pursuant to Article 30 BWG or a group supervised by the FMA pursuant to
Article 197 para. 1 VAG 2016; and
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
3. financial institutions pursuant to Article 2 no. 2 points b) to h)
with the aim of the prevention of the abuse of the financial system for the purpose of money
laundering and terrorist financing. In so doing, it shall take into account the national
economic interest in maintaining a functioning financial system. By way of derogation from
Article 1 for the purposes of this section only those entities listed in nos. 1 to 3 shall be
considered as obliged entities.
(2) The FMA shall, when performing its duties and exercising its supervisory powers
pursuant to this federal act, proceed on the basis of a risk-based approach. It shall
1. analyse and assess the risks of money laundering and terrorist financing existing in the
financial system in Austria,
2. base the frequency and intensity of on-site and off-site supervision on the risk profile of
obliged entities, and on the risks of money laundering and terrorist financing in Austria,
3. review the assessment of the money laundering and terrorist financing risk profile of
obliged entities, including the risks of non-compliance, both periodically and when there
are major events or developments affecting the obliged entities’ management and
operations.
4. take into account, as appropriate, the degree of discretion allowed to the obliged entities
as well as the risk assessments that underlie this discretion, as well as the adequacy and
implementation of the internal policies, controls and procedures of the obliged entities.
(3) The FMA shall, in the enforcement of the provisions of this federal act, including the
issuing of Regulations on the basis of this federal act and their enforcement, as well as on
the basis of Regulation (EU) 2015/847 take into account European convergence in respect of
supervisory tools and supervisory procedures. To this end, the FMA shall participate in the
activities of the European Supervisory Authorities, and shall apply Guidelines,
Recommendations and other measures decided upon by the European Supervisory
Authorities. The FMA may deviate from the guidelines and recommendations of the
European Supervisory Authorities when justified grounds exist to do so, in particular in the
event of a conflict with provisions set out under national law.
(4) The FMA shall cooperate within the meaning of Regulations (EU) no 1093/2010, (EU)
no 1094/2010 and (EU) no 1095/2010 with the European Supervisory Authorities and with
the other participants of the European System of Financial Supervision (ESFS) pursuant to
Article 1 (3) of Regulation (EU) no 1092/2010, and shall make all information available to
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
them without delay necessary for the performance of their duties in accordance with the
aforementioned Regulations that they require on the basis of Directive (EU) 2015/849.
(5) The FMA may cooperate mutually with authorities in Member States and third countries
that perform the duties that correspond to the FMA's duties, and shall share all information,
where the sharing of the information serves the purposes of supervision of financial markets.
Such information shall also include information about shareholders, members of the
management board, the supervisory board, the administrative board, and the executive
directors of the obliged entities as well as information relating to the customers of the obliged
entities. The FMA may also exercise its powers under federal law exclusively for the
purposes of cooperation or exchange of information in accordance with this paragraph, even
if the conduct that is subject of the investigation does not constitute a breach of a regulation
applicable in Austria.
(6) The submission of information to authorities in third countries pursuant to para. 5 shall
only be permissible, if they are subject to or have agreed to an equivalent level of
professional secrecy that corresponds to the professional secrecy pursuant to the respective
European legal acts that govern the activities of obliged entities. Where information that the
FMA receives from the competent authority of another Member State is affected, such
information may only be allowed to be disclosed with the explicit consent of that supervisory
authority and only for the purposes, for which that authority has given its consent.
Furthermore such a submission shall only be permissible on the basis of a reciprocal
agreement or actual reciprocity.
Authorisation to process data
Article 26. The FMA shall be authorised to collect and process data as defined in the Data
Protection Act 2000 (DSG 2000 - Datenschutzgesetz 2000) provided that this lies within its
scope of responsibilities pursuant to this federal act.
Cooperation of Bundesrechnungszentrum GmbH
Article 27. The Bundesrechenzentrum GmbH shall cooperate in the conduct of business
operations, that the FMA is subject to in accordance with this federal act and Regulation (EU)
2015/847, provided that such a cooperation is in the interest of simplicity, expedience or
cost-effectiveness.
Supervision costs
Article 28. (1) The costs of the FMA for the supervision of obliged entities in accordance with
this federal act shall constitute costs of the accounting groups for banking supervision,
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
insurance supervision and securities supervision pursuant to Article 19 para. 1 nos. 1 to 3
FMABG and shall be refunded to the accounting groups in accordance with the assignment
set out in paras. 2 to 5, or where accounting subgroups shall be established within the
accounting group pursuant under the federal act to the accounting subgroups.
(2) The costs for the supervision of credit institutions pursuant to Article 1 para. 1 BWG, with
the exception of credit institutions pursuant to Article 1 para. 1 nos. 13, 13a and 21 BWG, the
costs of supervision of CRR-credit institutions pursuant to Article 9 BWG, which conduct
activities in Austria through a branch, for financial institutions pursuant to Article 1 para. 2
nos. 1 to 6 BWG that are part of a group of credit institutions pursuant to Article 30 BWG, for
CRR-financial institutions pursuant to Article 11 and Article 13 BWG, which conduct activities
in Austria through a branch, for electronic money institutions pursuant to Article 3 para. 2 E-
Geldgesetz 2010, for branches pursuant to Article 9 E-Geldgesetz 2010, payment institutions
pursuant to Article 7 ZaDiG and branches pursuant to Article 12 ZaDiG, shall be assigned to
the sub-accounting group to be established pursuant to Article 69a para. 1 BWG within the
accounting group Banking Supervision pursuant to Article 19 para. 1 no. 1 FMABG.
(3) The costs for the supervision of insurance undertakings pursuant to Article 5 no. 1
VAG 2016, small insurance undertakings pursuant to Article 5 no. 3 VAG 2016, the branches
of EEA insurance undertakings pursuant to Article 5 no. 7 VAG 2016, the branches of third-
country insurance undertakings pursuant to Article 5 no. 5 VAG 2016 and of financial
institutions pursuant to Article 1 para. 2 nos. 1 to 6 BWG, which form part of a group to be
supervised by the FMA pursuant to Article 197 VAG 2016, shall be assigned to the
accounting group Insurance Supervision pursuant to Article 19 para. 1 no. 2 FMABG.
(4) The costs for the supervision of investment firms pursuant to Article 3 para. 1 WAG 2007,
of investment services providers pursuant to Article 4 para. 1 WAG 2007 and investment
firms pursuant to point 1) of Article 4 (1) of Directive 2004/39/EC, which are authorised in
another Member State, and which conduct activities in Austria pursuant to Article 12
WAG 2007 through a branch, shall be assigned to the accounting subgroup to be established
pursuant to Article 90 para. 1 WAG 2007 for providers of investment services within the
accounting group for Securities Supervision pursuant to Article 19 para. 1 no. 3 FMABG.
(5) The costs for the supervision of AIFMs pursuant to Article 4 para. 1 AIFMG, of branches
established pursuant to Article 33 AIFMG, of non-EU AIFMs pursuant to Article 39 para. 3
AIFMG, of management companies pursuant to Article 5 para. 1 InvFG 2011, of branches
established pursuant to Article 36 para. 2 InvFG 2011, of real estate investment fund
management companies pursuant to Article 2 para. 1 ImmoInvFG and corporate provision
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
funds pursuant to Article 18 para. 1 BMSVG shall be assigned to the account subgroup to be
established pursuant to Article 45a para. 1 BMSVG, Article 56 para. 5 AIFMG, Article 2
para. 12 ImmoInvFG and Article 144 para. 1 InvFG 2011 within the accounting group
Securities Supervision pursuant to Article 19 para. 1 no. 3 FMABG.
Information and disclosure obligations
Article 29. (1) The FMA may request information from obliged entities at any time on all
issues that are addressed in this federal act and in Regulation (EU) 2015/847 and may
request necessary documents to be disclosed and may determine the way and manner in
which the documents shall be disclosed.
(2) The FMA may, in order to ensure the legality of insurance business, also request
information from insurance intermediaries pursuant to Article 365m para. 3 no. 4 of the
Commercial Code (GewO 1994 - Gewerbeordnung 1994) at any time and request the
submission of documents, in particular about contracts held by insurance intermediaries or
contracts with third parties, and may inspect them on-site; Article 30 paras. 1 to 3 shall apply
accordingly.
(3) The FMA, in relation to the supervisory obligations conferred upon it in accordance with
this federal act, may request information from anyone about issues covered by this federal
act. Any other existing obligation of secrecy existing in accordance with other legal provisions
shall not be affected by this. The auditor of the obliged entity may not however invoke his
secrecy obligation.
(4) The obligation to disclose information implies a commitment to submit certificates and
other written documentation, or to permit them to be inspected.
On-site inspections
Article 30. (1) The competent bodies within the FMA may conduct on-site inspections at the
obliged entities at any time to verify compliance with the provisions of this federal act.
(2) The FMA may, with the consent of the host country’s competent authority, conduct
inspections of branches or branch establishments and subsidiaries in Member States and
third countries of obliged entities incorporated in Austria to check the effective
implementation of the policies and procedures pursuant to Article 24. Paras. 3 to 8 of this
Article shall be applied accordingly. The FMA may request the host country’s competent
authority to perform the inspection, if doing so simplifies or speeds up the procedure or if
doing so is in the interests of expedience, simplicity, rapidity or cost-effectiveness.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(3) Where necessary, the FMA may appoint inspection bodies that do not belong to the FMA.
They shall be remunerated by the FMA with a fee that is commensurate to the work involved
in the inspection and the expenses incurred for this purpose.
(4) The inspection shall be announced at least one week prior to commencement, provided
that doing so shall not thwart the purpose of the inspection. The inspectors are to be
provided with a written inspection engagement and must voluntarily present proof of their
identity as well as the inspection engagement before beginning the inspection. The
inspection mandate shall describe the subject matter of the inspection.
(5) Obliged entities shall make the documents required for the inspection available to the
inspection bodies, and allow them to inspect the bookkeeping records, receipts and
documents, and to provide information as requested. Furthermore, the obliged entities shall
grant the inspectors access to the business premises at any time during usual business and
working times.
(6) The inspection bodies may request the information and documentation required for the
inspection directly from any person employed by the obliged entities within the scope of that
person’s activities.
(7) The inspection bodies shall be provided with suitable premises and tools for the purpose
of conducting the inspection. Where data is entered or stored using data media, the obliged
entity shall be obliged at its own expense to provide the tools necessary to render the
documents readable within a reasonable period of time and, where necessary, provide the
required number of permanent copies which can be read without auxiliary tools.
(8) The findings made during the course of the inspection shall be recorded in writing. The
affected obliged entity shall be given an opportunity to submit its opinion.
(9) Paras. 1 to 8 shall be applied accordingly for service providers, to whom the functions or
business activities have been outsourced by the obliged entities, and regardless of whether
such a transfer requires authorisation. If the service provider is incorporated in another
Member State or a third country, then the FMA shall be required to gain the consent of the
competent authority in the host state before an on-site inspection is conducted. In the case of
an entity that is not subject to supervision, the competent authority in the host country, in
which the service provider is incorporated, shall be the competent authority. The FMA may
delegate an on-site inspection to the competent authority in the host country, in which the
service provider is incorporated.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(10) A service provider incorporated in Austria, to whom functions or business operations
have been outsourced by a credit and financial institution pursuant to items a to d of Article 3
nos. 1 to 2 of Directive (EU) 2015/849 incorporated in another Member State, or by
comparable entities in a third country , may, with the consent of the FMA, be inspected on-
site by the competent authority of the relevant Member State or third country or by persons
appointed by them. The FMA itself or inspection bodies appointed by the FMA pursuant to
para. 3 may participate in this inspection. Paras. 4 to 8 shall be applied accordingly. The
FMA may perform the inspection at the request of the host country’s competent authority, if
doing so simplifies or speeds up the procedure or if doing so is in the interests of
expedience, simplicity, rapidity or cost-effectiveness.
(11) Austrian branches or branch establishments and subsidiaries of credit institutions and
financial institutions pursuant to points a) to d) of Article 3 (1) and (2) of Directive (EU)
2015/849 incorporated in another Member State or comparable third country entities may,
with the consent of the FMA, be inspected by the competent authorities of their home state or
persons appointed by those authorities with regard to the effective implementation of policies
and procedures as defined in Article 45 (1) of Directive (EU) 2015/849. The FMA itself or
inspection bodies appointed by the FMA pursuant to para. 3 may participate in such an
inspection. Paras. 4 to 8 shall be applied accordingly. The FMA may perform the inspection
at the request of the host country’s competent authority, if doing so simplifies or speeds up
the procedure or if doing so is in the interests of expedience, simplicity, rapidity or cost-
effectiveness.
Supervisory measures of the FMA
Article 31. (1) The FMA shall issue all instructions that are necessary and suitable to ensure
that the business operations of obliged entities are conducted in accordance with this federal
act and with Regulation (EU) 2015/847.
(2) In addition to instructions addressed to the obliged entities themselves, if the purpose of
the instructions require, such instructions in accordance with para. 1 may also be issued to:
1. the members of the management body of the obliged entity, as well as the persons who
control the obliged entity; or
2. service providers, to whom the functions or business activities have been outsourced, and
regardless of whether outsourcing requires authorisation.
(3) In cases of breaches of obligations pursuant to Article 34 paras. 2 and 3, the FMA may:
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
1. temporarily prohibit by means of an instruction any person held responsible for the breach
of the provisions, regardless of whether that person has already performed these
managerial functions, from exercising managerial functions in obliged entities, and
2. revoke the licence granted by the FMA pursuant to the procedures set out in Article 9
para. 1 no. 4 AIFMG, Article 6 para. 2 no. 3 in conjunction with Article 70 para. 4 BWG,
Article 26 para. 7 E-GeldG, Article 148 para. 5 InvFG 2011, Article 285 VAG 2016,
Article 91 para. 3 no. 5 in conjunction with Article 92 para. 8 WAG 2007 or Article 64
para. 7 ZaDiG.
Supervision in the context of the Freedom of Establishment and the Freedom to
Provide Services
Article 32. (1) If a credit institution or financial institution pursuant to Article 1 (1) and (2) of
Directive (EU) 2015/849 incorporated in another country, which performs business
operations in Austria, breaches the provisions of this federal act or of Regulation (EU)
2015/847, then the FMA shall request this entity to remedy such shortcomings. This request
shall not be issued in the form of an administrative decision. At the same time, the FMA shall
communicate its findings to the competent authority of the home Member State.
(2) In the event that the credit institution or financial institution pursuant to Article 1 (1) and
(2) of Directive (EU) 2015/849 incorporated in another Member State does not comply with
the instruction pursuant to para. 1, then the FMA shall communicate this to the competent
authority in the home Member State, and shall request that the supervisory authority in the
entity’s home Member State takes the appropriate measures for remedying the
shortcomings.
(3) If the competent authority of the home Member State does not take any measures, or if
the measures taken appear to be inadequate or ineffective, then the FMA, in applying
Article 31 shall issue the necessary and suitable instructions to the credit institution or
financial institution pursuant to Article 1 (1) and (2) of Directive (EU) 2015/849 incorporated
in another Member State. The competent authority of the home Member State shall be
contacted prior to instructing a measure in accordance with this paragraph.
(4) In the event that a measure is urgently necessary for preventing the misuse of the
financial system for the purposes of money laundering and terrorist financing, then the FMA
shall issue the necessary and suitable instructions, without procedures pursuant to paras. 1
to 3 and applying Article 31, to the credit institution or financial institution pursuant to Article 1
(1) and (2) of Directive (EU) 2015/849 incorporated in another Member State. The competent
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
authority of the home Member State shall be contacted once a measure in accordance with
this paragraph has been ordered.
Coercive penalties
Article 33. For the enforcement of an administrative decision in accordance with this federal
act, the amount specified in Article 5 para. 3 VVG shall be replaced by the amount of
EUR 30 000.
Section 8
Penal provisions and disclosures
Breaches of obligations
Article 34. (1) Any person who, as person responsible (Article 9 VStG) of an obliged entity,
breaches the obligations pursuant to
1. Article 4 (conducting, documenting and updating the risk assessment),
2. Articles 5 to 12 (customer due diligence obligations) and the Regulations of the FMA
issued on the basis of Article 6 para. 4, Article 8 para. 5 and Article 9 para. 4,
3. Articles 13 to 15 (execution by third parties),
4. Articles 16. to 17. (reporting obligations),
5. Article 19 para. 2 (protection against being exposed to threats or hostile actions in an
employment relationship),
6. Article 20 (prohibition of disclosure)
7. Article 21 paras. 1 to 3 (retention obligations) and Regulations of the FMA issued on the
basis of Article 21 para. 3,
8. Article 23 paras. 1 to 3 or 6 (internal organisation),
9. Article 23 paras. 4, 5 or 7 (trainings, responsibility of the management body and
designation of the central point of contact), or
10. Article 24 (policies and procedures for groups)
commits an administrative offence and shall be punished by the FMA with a fine of up to
EUR 150 000.
(2) In the case of breaches pursuant to para. 1 nos. 2, 4, 7, 9 and 10 that are severe,
repeated or systematic breaches or a combination of such breaches, the fine shall be up to
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
EUR 5 000 000 or up to double the amount of the gain arising from the breach of obligations,
where this amount is able to be determined.
(3) Any person who, as person responsible (Article 9 VStG) for an obliged entity,
1. fails repeatedly or systematically to submit prescribed information about the originator or
beneficiary in breach of Articles 4 to 6 of Regulation (EU) 2015/847,
2. does not ensure that records are retained pursuant to Article 16 of Regulation (EU)
2015/847, where this constitutes a repeated, systematic and severe failure,
3. fails to introduce effective risk-based procedures in breach of Article 8 or 12 of
Regulation (EU) 2015/847, or
4. in the case that the obliged entity is an intermediary payment service provider pursuant to
Article 3 no. 5, severely breaches Article 11 or 12 of Regulation (EU) 2015/847,
commits an administrative offence and shall be punished by the FMA with a fine of up to
EUR 5 000 000 or up to double the amount of the gain arising from the breach, where this
amount is able to be determined.
(4) The FMA may refrain from imposing a fine on a person responsible pursuant to Article 9
VStG, if the breach does not constitute a severe, repeated or systematic breach, or if an
administrative penalty has already been imposed on the legal person for the same breach
and no particular circumstances exist, which stand in the way of refraining from imposing a
fine.
(5) Anyone acting as trustee, who does not fulfil their disclosure obligation pursuant to
Article 6 para. 3, commits an administrative offence and shall be punished by the FMA with a
fine of up to EUR 60 000.
Penal liability of legal persons
Article 35. (1) The FMA may impose fines against legal persons, if a breach of an obligation
pursuant to Article 34 paras. 1 to 3 was committed to their benefit by a person, who acted
individually or as part of an organ of the legal person, and who holds a leading position within
the legal person based on any of the following powers:
1. the power to represent the legal person;
2. the power to take decisions on behalf of the legal person; or
3. the power to exercise control within the legal person.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(2) Legal persons may also be held responsible for breaches of the obligations pursuant to
Article 34 paras. 1 to 3, if a lack of monitoring or control by a person listed in para. 1 enabled
the committing of one of the breaches of the obligations listed in Article 34 paras. 1 to 3 by a
person acting for the legal person to the benefit of the legal person.
(3) The fine pursuant to paras. 1 and 2 shall be up to EUR 150 000 for breaches of
obligations pursuant to Article 34 para. 1 and up to EUR 5 000 000 or 10% of total annual
turnover in the case of breaches of obligations pursuant to Article 34 paras. 2 and 3. The
total annual turnover shall be determined on the basis of the annual turnover from the most
recent adopted annual financial statement. If the obliged entity is a credit institution, an
electronic money institution pursuant to Article 3 para. 2 and Article 9 para. 1 E-
Geldgesetz 2010, which is a CRR-financial institution pursuant to point 26 of Article 4 (1) of
Regulation (EU) No 575/2013, a payment institution pursuant to Article 3 no. 4 ZaDiG, which
is a CRR-financial institution pursuant to point 26 of Article 4 (1) of Regulation (EU) No
575/2013, an AIFM pursuant to Article 2 para. 1 no. 2 AIFMG or an investment firm pursuant
to Article 1 no. 1 WAG 2007, then the total annual turnover is the total of the income items
listed in nos. 1 to 7 of Annex 2 to Article 43 BWG less the expenditures listed therein. If the
obliged entity is an insurance undertaking pursuant to Article 5 no. 1 VAG 2016 or a small
insurance undertaking pursuant to Article 5 no. 3 VAG 2016, then the total annual turnover
shall be the total of the income items listed in Article 146 para. 4 nos. 1 to 8 and 10 to 11
VAG 2016 less the expenditures listed therein. If the obliged entity is a parent undertaking or
a subsidiary of a parent undertaking, which is required to prepare consolidated financial
statements in accordance with Article 22 of Directive 2013/34/EU, then the total annual
turnover shall be determined on basis of the proceeds of the annual revenues of the
corresponding type of income in accordance with the relevant accounting Directives
according to the last available consolidated accounts. Where the FMA is unable to determine
or calculate the bases for the total revenues, then it shall estimate them. In so doing, all
relevant circumstances shall be taken into account that are relevant for the estimate.
(4) The FMA may refrain from imposing a fine against a legal person, in the event that there
is no severe, repeated of systematic breach, and where no particular circumstances exist,
which stand in the way of refraining from imposing the fine.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Extension of the limitation period
Article 36. In the case of administrative offences pursuant to this federal act, instead of the
period of limitation for pursuing this matter pursuant to Article 31 para. 1 VStG a period of
limitation of three years shall apply. The period of limitation for penal liability pursuant to
Article 31 para. 2 VStG shall be five years in such cases.
Disclosure
Article 37. (1) The FMA may publish the name of the natural person or legal person on its
website in the event of a breach of obligations pursuant to Article 34 nos. 2 and 3 and
Article 35 in conjunction with Article 34 paras. 2 and 3 including details about the breach of
obligations, provided that such disclosure does not seriously jeopardise the stability of the
financial markets, or cause a disproportionately high level of damage to the party concerned.
(2) The FMA shall publish legally effective imposed fines for breaches of obligations pursuant
to Article 34 paras. 2 and 3 and Article 35 in conjunction with Article 34 paras. 2 and 3 as
well as legally binding supervisory measures imposed against breaches of the obligations
listed in Article 34 paras. 2 and 3 on its website, including the identity of the natural or legal
person upon whom the sanction has been imposed or the supervisory measures enacted
and information about the type and character of the underlying breach of the obligation
without delay, once the person in question has been informed about the fine or supervisory
measures becoming legally effective.
(3) Where the FMA considers the publication of such data to be disproportionate following a
case-by-case assessment of the proportionality of the publication of the identity of the person
or personal data of the affected natural or legal person named in para. 2, or where the
publication of this data would threaten the stability of the financial markets of one or several
Member States, or the conducting of on-going investigations, then the FMA shall only publish
the decision (para. 2):
1. once the reasons for not publishing it cease to exist;
2. anonymously, if such an anonymous publication ensures an effective protection of the
relevant personal data; if it is decided to publish the information on an anonymous basis,
then the FMA may postpone the publication of the relevant data for a reasonable period of
time, if it is to be assumed that the reasons for an anonymised publication shall cease to
exist within that period; or
3. choose not to publish the decision, if the options in accordance with nos. 1 and 2 are not
sufficient to ensure
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
a) that the stability of the financial markets is not jeopardised, or
b) that with regard to measures deemed to be of a minor nature, that proportionality is
preserved in publishing the decisions.
(4) The person affected by this publication may make an application to the FMA to review the
lawfulness of the publication pursuant to paras. 1, 2 or 3 in a procedure resulting in an
administrative decision. In this case, the FMA shall notify the public of the initiation of such a
procedure in the same way as the original publication. If, in the course of this review, it is
found that the publication was unlawful, the FMA shall correct the publication or in
accordance with the request of the person subject to this publication, either revoke it or
remove it from its website.
(5) In the event that the administrative decision underlying the publication pursuant to
paras. 1 to 3 is appealed against, then this as well as the outcome of this procedure shall be
published in the same manner as the original publication. In the event that suspensory effect
is granted for such an appeal in a procedure in a court of law, then the FMA shall also make
this known. If an appeal is granted against a decision that is the subject of the publication
pursuant to paras. 1 to 3, the publication may be removed as the request of the affected
party from the FMA’s internet presence.
(6) If a publication is not to be revoked or removed from the internet on the basis of a
decision pursuant to paras. 4 and 5, it shall remain published for a period of five years.
Publication of the personal data shall however only be maintained for as long as none of the
criteria for an anonymised publication are fulfilled.
Effective punishment of breaches of obligations
Article 38. When applying a supervisory measure pursuant to Article 31 para. 3 or imposing
a fine pursuant to Article 34 or Article 35, the FMA shall take all relevant circumstances into
account, including where applicable
1. the gravity and the duration of the breach of the obligation;
2. the degree of culpability of the natural or legal person held responsible;
3. the financial strength of the natural or legal person held responsible, as indicated for
example by the total turnover of the legal person held responsible or the annual income of
the natural person held responsible;
4. the benefit derived from the breach by the natural or legal person held responsible,
provided that this can be determined;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
5. the losses caused to third parties by the breach of obligations, provided that they can be
determined;
6. the willing of the natural or legal person held responsible to cooperate with the competent
authority; and
7. previous breaches of obligations by the natural or legal person held responsible.
The provisions of the VStG shall be unaffected by this paragraph.
Usage of received fines
Article 39. Fines imposed by the FMA pursuant to this federal act shall flow to the Federal
Government.
Protection of whistleblowers
Article 40. (1) Obliged entities shall have appropriate procedures in place to enable their
employees, whilst keeping their identity confidential, to report any internal breaches of the
provisions contained in this federal act, in regulations or administrative decisions enacted on
the basis of this federal act, or against the provisions of Regulation (EU) 2015/847, or any
administrative decision issued on the basis of that Regulation to a suitable body. The
procedures pursuant to this paragraph must comply with the requirements of para. 3 nos. 2
to 5.
(2) The FMA shall establish effective mechanisms to encourage the reporting of breaches or
suspected breaches of the provisions of this federal act, of the regulations or administrative
decisions issued on the basis of this federal act, of the provisions of Regulation (EU)
2015/847, or of an administrative decision issued on the basis of that Regulation.
(3) The mechanisms referred to in para. 2 shall include at least:
1. specific procedures for the receipt of reports on breaches and their follow-up;
2. appropriate protection for employees of obliged entities who report breaches committed
within the obliged entity;
3. appropriate protection for the accused person;
4. protection of personal data concerning both the person who reports the breaches and the
natural person who is allegedly responsible for a breach, in compliance with the principles
laid down in the DSG 2000;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
5. clear rules to guarantee that the identity of the person who reported the breach is not
disclosed, unless such disclosure of identity is obligatory in relation to public prosecution,
court or administrative proceedings.
Notifications to the European Supervisory Authorities
Article 41. The FMA shall report all fines imposed for breaches of obligations pursuant to
Article 34 paras. 2 and 3 and Article 35 in conjunction with Article 34 paras. 2 and 3, as well
as supervisory measures imposed pursuant to Article 31 para. 3 to the European
Supervisory Authorities. If an appeals procedure is initiated, then both this fact and the
outcome of the appeal shall also be reported to the European Supervisory Authorities.
Section 9
Final provisions
Entry into force
Article 42. (1) This federal act shall enter into force on 1 January 2017, with the exception of
Article 8 para. 6 and Articles 34 to 38. Article 34 paras. 1, 2, 4 and 5 and Articles 35 to 38 in
the version of the federal act published in Federal Legal Gazette I no 118/2016 shall enter
into force upon expiry of the date of their publication in the Federal Law Gazette, at earliest
however, on 1 January 2017. Article 8 para. 6 and Article 34 para. 3 shall enter into force on
26 June 2017.
(2) Article 46 including its heading shall expire at the end of 25 June 2017.
(3) The FMA may already issue Regulations on the basis of mandates conferred upon it in
this federal act from the day following publication of the federal act. These Regulations shall
enter into force at the earliest at the same time as the corresponding mandates become
effective.
Entry into force of amendments
Article 43. Provisions about the entry into force for amendments of this federal act shall be
added as paragraphs within this Article.
References
Article 44. (1) Where references are made in this federal act to the following laws, they shall
apply to their respective current versions unless specified otherwise:
1. Securities Deposit Act (DepotG - Depotgesetz) published in Federal Law Gazette
no. 424/1969,
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
2. Criminal Code (StGB - Strafgesetzbuch) published in Federal Law Gazette no. 60/1974,
3. Code on Criminal Procedure 1975 (StPO - Strafprozeßordnung 1975), published in
Federal Law Gazette no. 631/1975;
4. Administrative Enforcement Act 1991 (VVG -Verwaltungsvollstreckungsgesetz 1991),
published in Federal Law Gazette no. 52/1991;
5. Administrative Enforcement Act 1991 (VVG -Verwaltungsvollstreckungsgesetz 1991),
published in Federal Law Gazette no. 53/1991;
6. Banking Act (BWG - Bankwesengesetz), published in Federal Law Gazette no. 532/1993;
7. Private Foundation Act (PSG - Privatstiftungsgesetz), published in Federal Law Gazette
no. 694/1993;
8. Commercial Code 1994 (GewO 1994 - Gewerbeordnung 1994), published in Federal Law
Gazette no. 194/1994;
9. Cooperative Auditing Association Act 1997 (GenRevG 1997 -
Genossenschaftsrevisionsgesetz 1997), published in Federal Law Gazette I no. 127/1997;
10. Data Protection Act 2000 (DSG 2000 - Datenschutzgesetz 2000), published in Federal
Law Gazette I no. 165/1999;
11. Financial Market Authority Act (FMABG - Finanzmarktaufsichtsbehördengesetz),
published in Federal Law Gazette I no. 97/2001;
12. Criminal Intelligence Service Act (BKA-G - Bundeskriminalamt-Gesetz), published in
Federal Law Gazette I no. 22/2002;
13. Associations Act 2002 (VerG - Vereinsgesetz 2002), Federal Law Gazette I no. 66/2002;
14. Act on Severance and Retirement Funds for Salaried Employees and Self-Employed
Persons (BMSVG - Betrieblicher Mitarbeiter- und Selbständigenvorsorgegesetz)
published in Federal Law Gazette I no. 100/2002;
15. Real Estate Investment Fund Act (ImmoInvFG - Immobilien-Investmentfondsgesetz),
published in Federal Law Gazette I no. 80/2003,
16. Securities Supervision Act 2007 (WAG 2007 - Wertpapieraufsichtsgesetz 2007),
published in Federal Law Gazette I no. 60/2007;
17. Payment Services Act (ZaDiG - Zahlungsdienstegesetz), published in Federal Law
Gazette I no. 66/2009;
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
18. E-Money Act 2010 (E-Geldgesetz 2010 - E-Geldgesetz 2010), published in Federal Law
Gazette I no. 107/2010;
19. Investment Funds Act 2011 (InvFG 2011 - Investmentfondsgesetz 2011), published in
Federal Law Gazette I no. 77/2011;
20. Alternative Investment Funds Manager Act (AIFMG - Alternative Investmentfonds
Manager-Gesetz), published in Federal Law Gazette I no. 135/2013,
21. Insurance Supervision Act 2016 (VAG 2016 - Versicherungsaufsichtsgesetz 2016),
published in Federal Law Gazette I no. 34/2015;
22. Beneficial Owners Register Act (WiEReG - Wirtschaftliche Eigentümer Registergesetz),
published in Federal Law Gazette I no. xxx/2017:
(2) Where references are made in this federal act to EU Directives, unless instructed
otherwise, the following listed versions thereof shall apply:
1. Directive 2007/64/EC on payment services in the internal market amending Directives
97/7/EC, 2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC,
OJ L 319, 05.12.2007, p. 1 most recently amended by Directive 2009/111/EC, OJ L 302,
17.11.2009, p. 97;
2. Directive 2009/110/EC on the taking up, pursuit and prudential supervision of the business
of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and
repealing Directive 2000/46/EC, OJ L 267, 10.10.2009, p. 7;
3. Directive 2013/34/EU on the annual financial statements, consolidated financial
statements and related reports of certain types of undertakings, amending Directive
2006/43/EC and repealing Directives 78/660/EEC and 83/349/EEC, OJ L 182,
29.06.2013, p. 86, most recently amended by Directive 2014/102/EU, OJ L 334 of
21.11.2014, p. 86; and
4. Directive (EU) 2015/849 on the prevention of the use of the financial system for the
purposes of money laundering or terrorist financing, amending Regulation (EU) No
648/2012 of the European Parliament and of the Council, and repealing Directive
2005/60/EC of the European Parliament and of the Council and Commission Directive
2006/70/EC, OJ L 141 of 05.06.2015, p. 73.
(3) Where references are made in this federal act to EU Regulations, unless instructed
otherwise, the following listed versions thereof shall apply:
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
1. Regulation (EC) No 1781/2006 on information on the payer accompanying transfers of
funds, OJ L 345, 08.12.2006, p. 1.
2. Regulation (EU) No 1092/2010 on European Union macro-prudential oversight of the
financial system and establishing a European Systemic Risk Board, OJ L 331,
15.12.2010, p. 1.
3. Regulation (EU) No 1093/2010 establishing a European Supervisory Authority (European
Banking Authority), amending Decision No 716/2009/EC and repealing Decision
2009/78/EC, OJ L 331, 15.12.2010, p. 12, most recently amended by Regulation
(EU) No 806/2014, OJ L 225, 30.07.2015, p. 1;
4. Regulation (EU) No 1094/2010 establishing a European Supervisory Authority (European
Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC
and repealing Decision 2009/78/EC, OJ L 331, 15.12.2010, p. 48, most recently amended
by Directive 2014/51/EU, OJ L 153, 22.05.2014, p. 1;
5. Regulation (EU) No 1095/2010 establishing a European Supervisory Authority (European
Securities and Markets Authority), amending Decision No 716/2009/EC and repealing
Decision 2009/77/EC, OJ L 331, 15.12.2010, p. 84, most recently amended by Directive
2014/51/EU, OJ L 153, 22.05.2014, p. 1; and
6. Regulation (EU) No 575/2013 on prudential requirements for credit institutions and
investment firms and amending Regulation (EU) No 648/2012, OJ L 176, 27.06.2013, p.
1, most recently amended by Delegated Regulation (EU) 2015/62, OJ L 11, 17.01.2015,
p. 37;
7. Regulation (EU) No 2015/847 on information accompanying transfers of funds and
repealing Regulation (EC) No 1781/2006, OJ L 141, 05.06.2015, p. 1.
Gender-neutral use of language
Article 45. Where expressions in this Federal Act relating to persons are given only in the
masculine form, they shall refer equally to men and women. The respective gender-specific
form shall be used when applied to specific persons.
Transitional provisions
Article 46. (1) Until the end of 25 June 2017, Articles 25, 27, 29, 31 and 32 shall be applied
respectively with the proviso that reference is made to Regulation (EC) no 1781/2006 rather
than to Regulation (EU) 2015/847.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
(2) Anyone who fails to collect, store, review or forward the necessary information, or carries
out or accepts funds transfers in violation of Articles 5 to 14 of Regulation (EC)
No 1781/2006, or violates record-keeping or notification obligations, commits an
administrative offence and shall be punished by the FMA with a fine of up to EUR 60 000.
(3) Regulation (EC) No 1781/2006 shall not apply to domestic transfers of funds to a payee
account permitting payments for the provision of goods or services if:
1. the payment service provider of the payee is subject to the obligations set out in Directive
2005/60/EC;
2. the payment service provider of the payee is able by means of a reference number
relating to the customer to trace back, through the payee, the transfer of funds to the
natural or legal person who has made an agreement with the payee for the provision of
goods and services, and
3. the amount being transferred is EUR 1 000 or less.
(4) Article 5 of Regulation (EC) No 1781/2006 does not apply to transfers of funds indicated
in Article 18 of Regulation (EC) No 1781/2006 which are transmitted within Austria by
payment service providers established in Austria to organisations carrying out activities for
non-profit charitable, religious, cultural, educational, social, scientific or fraternal purposes,
provided those transfers of funds are limited to a maximum amount of EUR 150 per transfer.
The payees in these funds transfers may only be associations or other organisations which
publish annual accounts due to legal requirements or voluntarily, and which were granted an
unqualified auditor's certificate by an external auditor confirming the due fulfilment of the
financial reporting requirements set out in the Associations Act 2002 (VerG 2002;
Vereinsgesetz) or other applicable statutory provisions; in the case of cooperative societies,
this certification shall be granted by an auditor pursuant to Article 1 GenRevG 1997. The
Chamber of Professional Accountants and Tax Advisors (Kammer der
Wirtschaftstreuhänder) shall confirm the fulfilment of these requirements.
(5) The FMA must publish on a quarterly basis a list of those payees to which funds transfers
pursuant to para. 4 are exempt from the application of Article 5 of Regulation (EC)
No 1781/2006. This list is to be compiled and updated on the basis of the corresponding
quarterly notification from the Chamber of Professional Accountants and Tax Advisors to the
FMA on the organisations which fulfil the requirements pursuant to para. 4 (second
sentence). In addition to the names of the organisations themselves, this notification from the
Chamber of Professional Accountants and Tax Advisors must also include the names of the
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
natural persons who ultimately control the organisations and associations as well as
explanatory notes on updates. The FMA must also inform the European Commission in
accordance with Article 18 (2) of Regulation (EC) No 1781/2006.
(6) Until expiry of 25 June 2017 the application of due diligence obligations pursuant to
Article 6 paras. 1, 2 and 3 in the instances listed in Articles 5 nos. 1, 2 and 5 in relation to
electronic money (electronic money as defined in Article 1 para. 1 E-Geldgesetz 2010) may
be omitted, provided that
1. in the case of a data medium that cannot be recharged, that the amount stored does not
exceed EUR 250, or in the case of payment transactions within Austria the amount does
not exceed EUR 500;
2. in the case of a data medium that can be recharged, that the total amount of transactions
made in a calendar year does not exceed EUR 2 500, except when an amount of
EUR 1 000 or more is reimbursed in the same calendar year upon the electronic money
holder's request pursuant to Articles 18 and 19 E-Geldgesetz 2010.
Enforcement clause
Article 47. Responsible for the execution of this federal act are:
1. the Federal Minister for Justice with regard to Article 19;
2. the Federal Minister for the Interior with regard to Article 16 paras. 4 and 5 and Article 17
paras. 4 and 5;
3. The Federal Minister of Finance in consultation with the Federal Minister of the Interior
with regard to Article 16 paras. 1 and 2, Article 17 paras. 1 to 3 and Article 22; and
4. with regard to all other provisions, the Federal Minister of Finance.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Annexes
Annex I
to Article 6
The following is a non-exhaustive list of risk variables that obliged entities shall consider
when determining to what extent to apply customer due diligence in accordance with Article 6
para. 5:
1. the purpose of an account or a business relationship;
2. the level of assets to be deposited by a customer or the size of transactions undertaken;
3. the regularity or duration of the business relationship.
Annex II
to Article 8
The following is a non-exhaustive list of factors and types of evidence of potentially low risk
in accordance with Article 8 para. 1:
1. Risk factors relating to customers:
a) exchange-listed companies, whose securities are admitted to listing on a regulated
market in one or more Member States, or exchange-listed companies from third
countries which are subject to disclosure obligations equivalent or comparable to
those set out under Union law, as determined by a regulation to be issued by the
FMA on the basis of Article 85 para. 10 BörseG;
b) public administrations or enterprises;
c) customers that are resident in geographical areas of lower risk in accordance with
no. 3.
2. Risk factors relating to products, services, transactions or delivery channels:
a) life assurance contracts with low premiums,
b) insurance policies for pension schemes, provided that the policies neither contain
an early surrender option, nor may they be used as collateral for loans,
c) a pension, superannuation or similar scheme, such as those operated by corporate
provision funds that receive severance contributions and pension contributions for
the self-employed, which provide retirement benefits to employees, where
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
contributions are made by way of deduction from salaries, and where the rules of
the system do not permit the beneficiary to transfer their rights to someone else,
d) financial products or services that provide appropriately defined and limited
services to certain types of customers with the aim of granting access to the
financial system for the purposes of financial inclusion,
e) products where the risks of money laundering and terrorist financing are managed
by other factors such as restrictions in place on the electronic purse or
transparency of ownership (e.g. certain types of electronic money).
3. Geographical risk factors:
a) Member States,
b) third countries having effective systems for the combatting of money laundering and
terrorist financing,
c) third countries identified by credible sources as having a low level of corruption or
other criminal activity,
d) third countries which, on the basis of credible sources (e.g. mutual evaluations,
detailed assessment reports or published follow-up reports), have requirements to
combat money laundering and terrorist financing consistent with the revised FATF
Recommendations and effectively implement those requirements.
All English translation of the authentic German text is unofficial and serves merely information purposes. The official wording in
German can be found in the Austrian Federal Law Gazette (Bundesgesetzblatt; BGBl.). All translations have been prepared with
great care, but linguistic compromises had to be made. The reader should also bear in mind that some provisions of these laws
will remain unclear without certain background knowledge of the Austrian legal and political system. Please note that these laws
may be amended in the future and check occasionally for updates.
Annex III
to Article 9
The following is a non-exhaustive list of factors and types of evidence of potentially higher
risk in accordance with Article 9 para. 1:
1. Risk factors relating to customers:
a) the business relationship is conducted in unusual circumstances,
b) customers that are resident in geographical areas with a high risk pursuant to no. 3,
c) legal persons or arrangements that operate as personal asset-holding vehicles,
d) companies that have nominee shareholders or shares issued in bearer form,
e) businesses that are cash-intensive;
f) the ownership structure of the company appears unusual or excessively complex
given the nature of the company's business;
2. Risk factors relating to products, services, transactions or delivery channels:
a) private banking,
b) products or transactions that might favour anonymity,
c) non-face-to-face business relationships or transactions, without certain safeguards,
such as electronic signatures,
d) payments received from unknown or unrelated third parties,
e) new products and new business practices, including new delivery mechanisms, and
the use of new or developing technologies for both new and pre-existing products,
3. Geographical risk factors:
a) without prejudice to Article 2 no. 17, countries that are identified by credible sources
(e.g. mutual evaluations, detailed assessment reports or published follow-up
reports) as not having effective systems for combatting money laundering or terrorist
financing,
b) third countries identified by credible sources as having a significantly high level of
corruption or other criminal activity,
c) countries, against whom for example the European Union or the United Nations
has/have imposed sanctions, embargos or similar measures,
d) countries that provide financial or other means of support for terrorist activities, or in
which known terrorist organisations operate.